Taxalmanacer, I raised that point in the context of discussing client giveaways. Nobody thought it was a big deal, which surprised me a little.

I'm not great with technology but when you plug other people's thumb drive into my computer could a virus be transmitted? What about malware?

One of the things bad guys do when they want to get access to a datacenter is to drop a USB flash drive near the entrance of the building somewhere. They are hoping an employee will pick it up and plug it into their work computer, to see what's on it or who it belongs to. Now, I'd hope the workstation security settings are set to not auto-run executables from removable media, but who knows for sure what these guys can come up with to get around that. If whatever is on there runs, then they have a prybar into the network (e.g. a key logger that runs with root privileges). Nasty stuff.

I don't think I'd worry about this with my tax clients but it is definitely not a zero probability risk.

Philly, you can also do whats called masking where taxpayers ss# is starred out(*) on return

Philly, you can also do whats called masking where taxpayers ss# is starred out(*) on return

What about the AGI? That is sometimes used, contrary to sound practice, as a shared secret for security purposes. How do you mask the AGI?